wirhabenglueck.de
Open in
urlscan Pro
2.58.213.98
Public Scan
Effective URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&...
Submission: On September 13 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time wirhabenglueck.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 67.199.248.10 67.199.248.10 | 396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD) | |
1 | 104.21.61.59 104.21.61.59 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 172.67.170.186 172.67.170.186 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 31.170.100.125 31.170.100.125 | 201942 (SOLTIA) (SOLTIA) | |
1 1 | 2.58.213.97 2.58.213.97 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
1 5 | 2.58.213.98 2.58.213.98 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
11 | 195.181.174.6 195.181.174.6 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
2 | 74.125.133.95 74.125.133.95 | 15169 (GOOGLE) (GOOGLE) | |
1 | 66.102.1.94 66.102.1.94 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.217.205.16 52.217.205.16 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 172.67.30.225 172.67.30.225 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 8 |
ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-1.cdn77.com
1892897091.rsc.cdn77.org |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
cdn77.org
1892897091.rsc.cdn77.org |
633 KB |
5 |
wirhabenglueck.de
1 redirects
wirhabenglueck.de |
27 KB |
2 |
aimtell.io
cdn.aimtell.io |
1 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
amazonaws.com
s3.amazonaws.com |
13 KB |
1 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
das-haben-wir.de
1 redirects
das-haben-wir.de |
275 B |
1 |
frienciple.com
1 redirects
track.frienciple.com |
326 B |
1 |
arty2night.com
1 redirects
p.arty2night.com |
788 B |
1 |
discofoxfiles.com
discofoxfiles.com |
844 B |
1 |
bit.ly
1 redirects
bit.ly |
383 B |
23 | 11 |
Domain | Requested by | |
---|---|---|
11 | 1892897091.rsc.cdn77.org |
wirhabenglueck.de
|
5 | wirhabenglueck.de |
1 redirects
discofoxfiles.com
wirhabenglueck.de 1892897091.rsc.cdn77.org |
2 | cdn.aimtell.io |
s3.amazonaws.com
|
2 | fonts.googleapis.com |
wirhabenglueck.de
1892897091.rsc.cdn77.org |
1 | s3.amazonaws.com |
wirhabenglueck.de
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | das-haben-wir.de | 1 redirects |
1 | track.frienciple.com | 1 redirects |
1 | p.arty2night.com | 1 redirects |
1 | discofoxfiles.com | |
1 | bit.ly | 1 redirects |
23 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-11 - 2022-06-10 |
a year | crt.sh |
wirhabenglueck.de R3 |
2021-08-30 - 2021-11-28 |
3 months | crt.sh |
www.cdn77.com R3 |
2021-07-15 - 2021-10-13 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-23 - 2021-11-15 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-06-23 - 2022-07-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Frame ID: B306D237FF6E966EE14B3879157F901E
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Gewinnen Sie 4 leckere Menüs!Page URL History Show full URLs
-
http://bit.ly/gasgiftcard533
HTTP 301
https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id= Page URL
-
https://p.arty2night.com/click?pid=1211&offer_id=5640&sub1=1114450685&sub2=317977
HTTP 302
https://track.frienciple.com/ofsy/7024e318-ea12a960-bb5a5c9c-fc77-57ba/9f85ed25-660e1432-589227ed-5a1b-f2... HTTP 303
https://das-haben-wir.de/fpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c... HTTP 307
http://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a... HTTP 301
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a... Page URL
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Aimtell (Marketing automation) Expand
Detected patterns
- cdn\.aimtell\.\w+/
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bit.ly/gasgiftcard533
HTTP 301
https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id= Page URL
-
https://p.arty2night.com/click?pid=1211&offer_id=5640&sub1=1114450685&sub2=317977
HTTP 302
https://track.frienciple.com/ofsy/7024e318-ea12a960-bb5a5c9c-fc77-57ba/9f85ed25-660e1432-589227ed-5a1b-f243?Subid=1211&sub_pubid=317977&externalid=613e98864bf9e10001a9f121 HTTP 303
https://das-haben-wir.de/fpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211 HTTP 307
http://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030 HTTP 301
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://bit.ly/gasgiftcard533 HTTP 301
- https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
show.php
discofoxfiles.com/ Redirect Chain
|
621 B 844 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
redirpage
wirhabenglueck.de/ Redirect Chain
|
24 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ndtApp.js
1892897091.rsc.cdn77.org/cam/app/js/ |
304 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 870 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ndtApp.css
1892897091.rsc.cdn77.org/cam/app/css/ |
100 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sovendus-layover.js
1892897091.rsc.cdn77.org/cam/DE/js/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
push.js
wirhabenglueck.de/ |
535 B 725 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 741 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.jpg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
136 KB 136 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v12/ |
26 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
wirhabenglueck.de/rest/agree/ |
979 B 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
wirhabenglueck.de/rest/disclaimer/ |
417 B 571 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
security_tag.png
wirhabenglueck.de/cam/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bag.png
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security_tag.png
1892897091.rsc.cdn77.org/cam/img/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/ |
46 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
after.svg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
723 B 738 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menu.png
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
340 KB 340 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sticker.svg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
194 B 464 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.svg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/ |
404 B 544 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23271-161906366efd.json
cdn.aimtell.io/config/optin/ |
435 B 866 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23271-161906366efd.json
cdn.aimtell.io/config/ |
191 B 362 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- wirhabenglueck.de
- URL
- https://wirhabenglueck.de/cam/img/security_tag.png
Verdicts & Comments Add Verdict or Comment
158 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| configs object| __core-js_shared__ object| core function| showTerms function| showPolicy function| showSponsors function| showWiderruf function| showImpressum function| showAdditionalContent function| showLander function| onPrelanderAnswerButtonClick number| OPEN_LIMIT string| CLOSE_CLASS number| openedCount string| MODAL_HTML string| MODAL_STYLES function| injectMicroModalScript function| injectCloseEvent function| injectModalStyles function| appendModal function| closeModal function| injectMouseEvent function| removeMouseEvent function| onMouseMove function| injectFlexIFrameScript function| getSessionId function| getTimestamp function| generateBirthDate function| generatePolitePhrase function| generatePhoneNumber function| injectSovendusData function| initSovendusLayover function| onQuestionsDisplay object| _at undefined| _aimtellPushToken boolean| _aimtellRanScript string| _aimtellSubscriberID undefined| _aimtellRefreshResult object| trackData object| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted object| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel string| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellSafariRun function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellInitWorker function| _aimtellForceRefreshSW4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bit.ly/ | Name: _bit Value: l8d0ha-58a0ba1b17b24ab78f-00u |
|
p.arty2night.com/ | Name: afclick Value: 613e98864bf9e10001a9f121 |
|
p.arty2night.com/ | Name: afoffers Value: {"5640":1631492230} |
|
wirhabenglueck.de/ | Name: _aimtellSubscriberID Value: e139fe2e-dabd-9f0e-9f92-ebd5ce8fc730 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1892897091.rsc.cdn77.org
bit.ly
cdn.aimtell.io
das-haben-wir.de
discofoxfiles.com
fonts.googleapis.com
fonts.gstatic.com
p.arty2night.com
s3.amazonaws.com
track.frienciple.com
wirhabenglueck.de
wirhabenglueck.de
104.21.61.59
172.67.170.186
172.67.30.225
195.181.174.6
2.58.213.97
2.58.213.98
31.170.100.125
52.217.205.16
66.102.1.94
67.199.248.10
74.125.133.95
040083ca2fe802077c243837101a8d94d4796d21d9e28bacaec5baaa3bcdb53e
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
2db94dde3fe2d311a1745f2602bc6a849d19f5d5d5735f34947df3add6b5beaf
35a3d10dfd8578633638594c87839819ae67aab60b838e92e77b02010d00212b
47beaa5bc0502ae7da6416d95b32f4cf93f678e0488efc64d417671916c82d00
51b055f7afc783ad562209e85f7aeec6781421a4a1c4fc1f561b311eeabea3c4
5965022bb86bd2e2936d34cce489d934bac29f3ead144be9c577163c74d994ed
5fd6db47333555e2d860270277213ae09b5c52a6f78cca4e2466713afa20de6b
605438ee81564169fec1ca8003a6bd8b058fa8daca05dfd45f46df115ba91564
6326544323c19192908049055c9c673d418d3162e22c1d62a67e744ce2d23489
70146b695e4e302dae7862c7ce3ba532ff478f02f3d9454e6a9189287f6b4bef
839741000c77d2606bc8b695ba0bb9cc4b8ef484f8b6babd649e6bef0d607f3e
a9f1e4c8d46dbc4c548219edaab9ce1bd1e1f4942e54767c84991873860f402d
b4e711d8fcc6b1ba70852ac681a7d0570f33e4694b01401f2cbbe10c9e313138
be4fc0e8eeafe0023d348f3412d047246bd08ee3e89246df54d116b5f740b0ed
c82984d6351e635cc9422937680205eccf44b662dd84d0a966f3dc98f2253618
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d823f5ddbeb110aefa4824172606bb1536f67a49e6e10b401d4f80d5dc25794a
d94896a3e8776fbf7323e4c12e6253b8831e4885895a45a41e574b5ae25d070a
f2c224d47e69d0cc93780cd3590c0b1474aacf62c240d4f7b4b877b9f3f8c1cf
f7c2598b3814d2292324e9cc532764a572d69abe176a4d8354a83d42a26b1ddb